Memory usage on relays
Nn6eumtr
nn6eumtr at gmail.com
Tue Jan 19 01:02:48 UTC 2010
Binaries are staticly linked so that someone can't substitute a
replacement library. Otherwise you can replace the library or set
LDPRELOAD to implement a variety of attacks.
On Jan 18, 2010, at 2:28 PM, Nick Mathewson <nickm at torproject.org>
wrote:
> On Sun, Jan 17, 2010 at 11:29 PM, John Brooks <special at dereferenced.net
> > wrote:
> [...]
>> As a vaguely related sidenote, is it intentional that openssl is
>> statically linked? I would expect that Tor more than anything would
>> want to benefit from security updates as quickly as possible, and
>> most
>> package managers / people won't rebuild it after an openssl update.
>> Seems a bit dangerous. I was able to confirm that I was running with
>> the right version, though, by adding the following right under Tor's
>> version notice:
>
> Tor links against openssl dynamically for me, at least. Let us know
> if there's some more magic we need to do in src/or/Makefile.am to make
> it dynamically linke for others.
>
> I'm not sure openssl builds shared libraries by default, though: could
> that be the problem.
>
> --
> Nick
> ***
> ********************************************************************
> To unsubscribe, send an e-mail to majordomo at torproject.org with
> unsubscribe or-talk in the body. http://archives.seul.org/or/talk/
***********************************************************************
To unsubscribe, send an e-mail to majordomo at torproject.org with
unsubscribe or-talk in the body. http://archives.seul.org/or/talk/
More information about the tor-talk
mailing list